notion-automation

SUSPICIOUS: The skill's Notion capabilities match its stated purpose, and the Rube endpoint appears to be an official same-org Composio service rather than a random payload. However, it routes all Notion auth and data through a third-party hosted MCP intermediary, understates auth requirements, and enables broad read/write workspace actions without explicit approval guardrails. This is coherent but medium-high risk due to credential delegation and intermediary data flow.